Summary: | <media-gfx/gthumb-3.10.0: Buffer overflow in _cairo_image_surface_create_from_jpeg causes crash (CVE-2019-20326) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sam James <sam> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | gnome |
Priority: | Normal | Flags: | nattka:
sanity-check+
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://gitlab.gnome.org/GNOME/gthumb/commit/ca8f528209ab78935c30e42fe53bdf1a24f3cb44 | ||
Whiteboard: | B2 [glsa+ cve] | ||
Package list: |
media-gfx/gthumb-3.10.0
|
Runtime testing required: | --- |
Description
Sam James
2020-03-16 23:57:01 UTC
@maintainer(s): ping ping The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ed8b23504db441e536f0fce244c6df95ccb0c1b6 commit ed8b23504db441e536f0fce244c6df95ccb0c1b6 Author: Mart Raudsepp <leio@gentoo.org> AuthorDate: 2020-07-31 17:10:53 +0000 Commit: Mart Raudsepp <leio@gentoo.org> CommitDate: 2020-07-31 17:11:34 +0000 media-gfx/gthumb: bump to 3.10.0 Bug: https://bugs.gentoo.org/712932 Package-Manager: Portage-2.3.84, Repoman-2.3.20 Signed-off-by: Mart Raudsepp <leio@gentoo.org> media-gfx/gthumb/Manifest | 1 + media-gfx/gthumb/gthumb-3.10.0.ebuild | 89 ++++++++++++++++++++++++++++ profiles/arch/powerpc/ppc32/package.use.mask | 1 + 3 files changed, 91 insertions(+) Let us know when ready to stable, thanks! amd64 stable x86 stable. Maintainer(s), please cleanup. Security, please add it to the existing request, or file a new one. This issue was resolved and addressed in GLSA 202008-05 at https://security.gentoo.org/glsa/202008-05 by GLSA coordinator Sam James (sam_c). Reopening for cleanup. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=741f5f782444f855ae71146a54a6182224336dcf commit 741f5f782444f855ae71146a54a6182224336dcf Author: Mart Raudsepp <leio@gentoo.org> AuthorDate: 2020-08-08 15:21:39 +0000 Commit: Mart Raudsepp <leio@gentoo.org> CommitDate: 2020-08-09 07:19:29 +0000 media-gfx/gthumb: security cleanup Bug: https://bugs.gentoo.org/712932 Package-Manager: Portage-2.3.84, Repoman-2.3.20 Signed-off-by: Mart Raudsepp <leio@gentoo.org> media-gfx/gthumb/Manifest | 1 - .../gthumb/files/gthumb-3.6.2-exiv2-0.27.patch | 31 ------- media-gfx/gthumb/gthumb-3.6.2-r1.ebuild | 99 ---------------------- media-gfx/gthumb/metadata.xml | 3 +- 4 files changed, 1 insertion(+), 133 deletions(-) Thanks! |